Mod_SSL Off-By-One HTAccess Buffer Overflow Vulnerability

Bugtraq ID: 5084
Class: Boundary Condition Error
CVE:
Remote: No
Local: Yes
Published: Jun 22 2002 12:00AM
Updated: Jun 22 2002 12:00AM
Credit: Vulnerability discovery credited to Jedi/Sector One <j@pureftpd.org>.
Vulnerable: mod_ssl mod_ssl 2.8.9
- Apache Software Foundation Apache 1.3.26
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ HP Secure OS software for Linux 1.0
+ Slackware Linux 8.1
mod_ssl mod_ssl 2.8.8
- Apache Software Foundation Apache 1.3.24
mod_ssl mod_ssl 2.8.7
+ Apache Software Foundation Apache 1.3.23
+ MandrakeSoft Multi Network Firewall 2.0
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
mod_ssl mod_ssl 2.8.6
+ Apache Software Foundation Apache 1.3.22
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.16
+ Apache Software Foundation Apache 1.3.15
+ Apache Software Foundation Apache 1.3.14 Mac
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.13
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.7 -dev
+ Apache Software Foundation Apache 1.3.6
+ Apache Software Foundation Apache 1.3.4
+ Apache Software Foundation Apache 1.3.3
+ Apache Software Foundation Apache 1.3.1
+ Apache Software Foundation Apache 1.3
+ Apache Software Foundation Apache 1.2.5
+ Apache Software Foundation Apache 1.2
+ Compaq Compaq Secure Web Server for OpenVMS 1.2
+ Compaq Compaq Secure Web Server for OpenVMS 1.1 -1
+ Compaq Compaq Secure Web Server for OpenVMS 1.0 -1
+ Compaq Compaq Secure Web Server for Tru64 5.5.2
mod_ssl mod_ssl 2.8.5
+ Apache Software Foundation Apache 1.3.22
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.16
+ Apache Software Foundation Apache 1.3.15
+ Apache Software Foundation Apache 1.3.14 Mac
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.13
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.7 -dev
+ Apache Software Foundation Apache 1.3.6
+ Apache Software Foundation Apache 1.3.4
+ Apache Software Foundation Apache 1.3.3
+ Apache Software Foundation Apache 1.3.1
+ Apache Software Foundation Apache 1.3
+ Apache Software Foundation Apache 1.2.5
+ Apache Software Foundation Apache 1.2
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux graficas
+ Conectiva Linux ecommerce
+ MandrakeSoft Corporate Server 1.0.1
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ RedHat Linux 7.0
mod_ssl mod_ssl 2.8.4
+ Apache Software Foundation Apache 1.3.22
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.16
+ Apache Software Foundation Apache 1.3.15
+ Apache Software Foundation Apache 1.3.14 Mac
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.13
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.7 -dev
+ Apache Software Foundation Apache 1.3.6
+ Apache Software Foundation Apache 1.3.4
+ Apache Software Foundation Apache 1.3.3
+ Apache Software Foundation Apache 1.3.1
+ Apache Software Foundation Apache 1.3
+ Apache Software Foundation Apache 1.2.5
+ Apache Software Foundation Apache 1.2
+ MandrakeSoft Single Network Firewall 7.2
+ Slackware Linux 8.1
mod_ssl mod_ssl 2.8.3
+ Apache Software Foundation Apache 1.3.22
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.16
+ Apache Software Foundation Apache 1.3.15
+ Apache Software Foundation Apache 1.3.14 Mac
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.13
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.7 -dev
+ Apache Software Foundation Apache 1.3.6
+ Apache Software Foundation Apache 1.3.4
+ Apache Software Foundation Apache 1.3.3
+ Apache Software Foundation Apache 1.3.1
+ Apache Software Foundation Apache 1.3
+ Apache Software Foundation Apache 1.2.5
+ Apache Software Foundation Apache 1.2
mod_ssl mod_ssl 2.8.2
+ Apache Software Foundation Apache 1.3.22
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.16
+ Apache Software Foundation Apache 1.3.15
+ Apache Software Foundation Apache 1.3.14 Mac
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.13
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.7 -dev
+ Apache Software Foundation Apache 1.3.6
+ Apache Software Foundation Apache 1.3.4
+ Apache Software Foundation Apache 1.3.3
+ Apache Software Foundation Apache 1.3.1
+ Apache Software Foundation Apache 1.3
+ Apache Software Foundation Apache 1.2.5
+ Apache Software Foundation Apache 1.2
mod_ssl mod_ssl 2.8.1
+ Apache Software Foundation Apache 1.3.22
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.16
+ Apache Software Foundation Apache 1.3.15
+ Apache Software Foundation Apache 1.3.14 Mac
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.13
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.7 -dev
+ Apache Software Foundation Apache 1.3.6
+ Apache Software Foundation Apache 1.3.4
+ Apache Software Foundation Apache 1.3.3
+ Apache Software Foundation Apache 1.3.1
+ Apache Software Foundation Apache 1.3
+ Apache Software Foundation Apache 1.2.5
+ Apache Software Foundation Apache 1.2
+ RedHat Secure Web Server 3.2 i386
mod_ssl mod_ssl 2.8
+ Apache Software Foundation Apache 1.3.22
+ Apache Software Foundation Apache 1.3.22
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.16
+ Apache Software Foundation Apache 1.3.16
+ Apache Software Foundation Apache 1.3.15
+ Apache Software Foundation Apache 1.3.15
+ Apache Software Foundation Apache 1.3.14 Mac
+ Apache Software Foundation Apache 1.3.14 Mac
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.13
+ Apache Software Foundation Apache 1.3.13
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.7 -dev
+ Apache Software Foundation Apache 1.3.7 -dev
+ Apache Software Foundation Apache 1.3.6
+ Apache Software Foundation Apache 1.3.6
+ Apache Software Foundation Apache 1.3.4
+ Apache Software Foundation Apache 1.3.4
+ Apache Software Foundation Apache 1.3.3
+ Apache Software Foundation Apache 1.3.3
+ Apache Software Foundation Apache 1.3.1
+ Apache Software Foundation Apache 1.3.1
+ Apache Software Foundation Apache 1.3
+ Apache Software Foundation Apache 1.3
+ Apache Software Foundation Apache 1.2.5
+ Apache Software Foundation Apache 1.2.5
+ Apache Software Foundation Apache 1.2
+ Apache Software Foundation Apache 1.2
mod_ssl mod_ssl 2.7.1
+ Apache Software Foundation Apache 1.3.22
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.4
+ Apache Software Foundation Apache 1.3.3
+ Apache Software Foundation Apache 1.3.1
+ Apache Software Foundation Apache 1.3
+ Apache Software Foundation Apache 1.2.5
+ Apache Software Foundation Apache 1.2
+ EnGarde Secure Linux 1.0.1
mod_ssl mod_ssl 2.7 .0
- Apache Software Foundation Apache 1.3.14
mod_ssl mod_ssl 2.6.6
+ Apache Software Foundation Apache 1.3.12
mod_ssl mod_ssl 2.6.5
+ Apache Software Foundation Apache 1.3.12
mod_ssl mod_ssl 2.6.4
+ Apache Software Foundation Apache 1.3.12
mod_ssl mod_ssl 2.6.3
+ Apache Software Foundation Apache 1.3.12
mod_ssl mod_ssl 2.6.2
+ Apache Software Foundation Apache 1.3.12
mod_ssl mod_ssl 2.6.1
+ Apache Software Foundation Apache 1.3.12
mod_ssl mod_ssl 2.6 .0
+ Apache Software Foundation Apache 1.3.12
mod_ssl mod_ssl 2.5.1
+ Apache Software Foundation Apache 1.3.11
mod_ssl mod_ssl 2.5 .0
+ Apache Software Foundation Apache 1.3.11
mod_ssl mod_ssl 2.4.10
+ Apache Software Foundation Apache 1.3.22
+ Apache Software Foundation Apache 1.3.20
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.18
+ Apache Software Foundation Apache 1.3.17
+ Apache Software Foundation Apache 1.3.14
+ Apache Software Foundation Apache 1.3.12
+ Apache Software Foundation Apache 1.3.11
+ Apache Software Foundation Apache 1.3.9
+ Apache Software Foundation Apache 1.3.4
+ Apache Software Foundation Apache 1.3.3
+ Apache Software Foundation Apache 1.3.1
+ Apache Software Foundation Apache 1.3
+ Apache Software Foundation Apache 1.2.5
+ Apache Software Foundation Apache 1.2
mod_ssl mod_ssl 2.4.9
+ Apache Software Foundation Apache 1.3.9
mod_ssl mod_ssl 2.4.8
+ Apache Software Foundation Apache 1.3.9
mod_ssl mod_ssl 2.4.7
+ Apache Software Foundation Apache 1.3.9
mod_ssl mod_ssl 2.4.6
+ Apache Software Foundation Apache 1.3.9
mod_ssl mod_ssl 2.4.5
+ Apache Software Foundation Apache 1.3.9
mod_ssl mod_ssl 2.4.4
+ Apache Software Foundation Apache 1.3.9
mod_ssl mod_ssl 2.4.3
+ Apache Software Foundation Apache 1.3.9
mod_ssl mod_ssl 2.4.2
+ Apache Software Foundation Apache 1.3.9
mod_ssl mod_ssl 2.4.1
+ Apache Software Foundation Apache 1.3.9
mod_ssl mod_ssl 2.4 .10
+ Apache Software Foundation Apache 1.3.9
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
mod_ssl mod_ssl 2.4 .0
+ Apache Software Foundation Apache 1.3.9
mod_ssl mod_ssl 2.3.11
+ Apache Software Foundation Apache 1.3.6
Apple Mac OS X 10.2
Apple Mac OS X 10.1.5
Apple Mac OS X 10.1.4
Apple Mac OS X 10.1.3
Apple Mac OS X 10.1.2
Apple Mac OS X 10.1.1
Apple Mac OS X 10.1
Apple Mac OS X 10.1
Apple Mac OS X 10.0.4
Apple Mac OS X 10.0.3
Apple Mac OS X 10.0.2
Apple Mac OS X 10.0.1
Apple Mac OS X 10.0
Not Vulnerable: mod_ssl mod_ssl 2.8.10
- Apache Software Foundation Apache 1.3.26
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Slackware Linux 8.1


 

Privacy Statement
Copyright 2010, SecurityFocus